Overview

overview

7

Static

static

3

ForkBomb.exe

windows7_x64

7

ForkBomb.exe

windows10_x64

7

ForkBomb.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ForkBomb.rar

  • Size

    5.7MB

  • Sample

    220527-a6ff6scaaq

  • MD5

    09401222ebb9a6a58eeb1c7af3f6bd07

  • SHA1

    225db4b6871ed72d8f06ccdb26054bd815c81d48

  • SHA256

    03dbd12b32d587d1075f9c157579ef8f4116e2925134925078311b1af5ed7902

  • SHA512

    8679f92000f19ef3678d1ef2c88e8392e2998c29b1a4ff2a6659663afb5b00fa6884932a4c9d29fc6e7555dd818587fbd0cf25d5f74157f4219ec7c8f3d62c0b

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      ForkBomb.exe

    • Size

      5.9MB

    • MD5

      7abeb676f65cd7571a2eb0ff72da9958

    • SHA1

      1f58501eb857bc9b6842273fd40e13ae01057656

    • SHA256

      ccb8a1b6cb26e6238694749efc490ee9f50381066da7d9f4c8e69650cbeb63d3

    • SHA512

      6900b053bba4029c8a5001cef41aeac0cc76f1b7407f7bbd72f24ef3c3566c49d6d3f6ef462515bf06a4c04e951863127043cf4d4d24ee83d5823cebc5d64384

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks